US2025310338A1PendingUtilityA1
Bridging between source applications and authorization systems
Est. expiryMar 27, 2044(~17.7 yrs left)· nominal 20-yr term from priority
H04L 63/20H04L 63/102
67
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Bridging between source applications and authorization systems is disclosed, including: monitoring an update across a set of source application servers; translating the update into a synthetic message using source application information associated with the set of source application servers and an attribute associated with a target authorization system; and sending the synthetic message to the target authorization system, wherein the target authorization system is configured to instruct an authorization action to be performed at one or more of the set of source application servers.
Claims
exact text as granted — not AI-modified1 . A system, comprising:
a database configured to store source application information associated with a set of source application servers; and one or more processors configured to:
monitor a set of updates across the set of source application servers;
package the set of updates into a synthetic message using the source application information and an attribute associated with a target authorization system;
send the synthetic message to the target authorization system, wherein the target authorization system is configured to instruct an authorization action to be performed at one or more of the set of source application servers; and
perform an implementation at the one or more of the set of source application servers based at least in part on the authorization action.
2 . The system of claim 1 , wherein to monitor the set of updates across the set of source application servers comprises to monitor logs or events of the set of source application servers.
3 . The system of claim 1 , wherein the set of updates comprises one or more of the following: an entity gaining an access, the entity performing an action in a source application, the entity connecting to another system, the entity changing an Internet Protocol (IP) address, the entity changing a location, the entity elevating a permission, the entity using administrative or elevated permissions, and the entity performing an operation on data.
4 . The system of claim 3 , wherein the entity refers to one of the following: a user, an integration, and an automated process.
5 . The system of claim 1 , wherein to monitor the set of updates across the set of source application servers comprises to receive messages from the set of source application servers.
6 . The system of claim 5 , wherein to package the set of updates into the synthetic message comprises to:
determine a source application-specific user identifier (ID) of a user identified in the set of updates; determine a global user ID corresponding to the source application-specific user ID; and add the global user ID into the synthetic message that is generated from the set of updates.
7 . The system of claim 5 , wherein to package the set of updates into the synthetic message comprises to:
determine a format of data that is to be ingested by the target authorization system; and based on the format of the data that is to be ingested by the target authorization system, add a new field to the synthetic message.
8 . The system of claim 5 , wherein to package the set of updates into the synthetic message comprises to:
score the received messages; filter the received messages based on their respective scores; and generate the synthetic message based on received messages that are not filtered out based on their respective scores.
9 . The system of claim 5 , wherein to package the set of updates into the synthetic message comprises to enable efficient transmission of the synthetic message by one or more of the following: compression, bulk packaging, message grouping, and pruning with respect to the received messages.
10 . The system of claim 5 , wherein to package the set of updates into the synthetic message comprises to:
obtain a data classification associated with a source application server from which at least a subset of the set of updates was monitored; and add the data classification to the synthetic message.
11 . The system of claim 1 , wherein to monitor the set of updates across the set of source application servers comprises to receive telemetric updates from the set of source application servers.
12 . The system of claim 1 , wherein to package the set of updates into the synthetic message comprises to:
determine that a change included in the update had originated from a first source application server; and masquerade a content of the synthetic message to emulate that the change included in the update had originated from a second source application server, wherein the second source application server is different from the first source application server.
13 . The system of claim 1 , wherein to package the set of updates into the synthetic message comprises to combine the set of updates into a single synthetic message that conforms to a format or protocol that is recognized by the target authorization system.
14 . The system of claim 13 , wherein the set of updates comprises updates monitored across at least two different source application servers.
15 . The system of claim 1 , wherein the one or more processors are further configured to receive, from the target authorization system, an instruction describing the authorization action.
16 . The system of claim 15 , wherein the one or more processors are further configured to determine whether the authorization action is able to be performed natively at the one or more of the set of source application servers relative to the instruction.
17 . The system of claim 16 , wherein in the event that the authorization action is able to be performed natively at the one or more of the set of source application servers, the one or more processors are configured to make one or more application programming interface (API) calls to the one or more of the set of source application servers to implement the authorization action.
18 . The system of claim 16 , wherein in the event that the authorization action is not able to be performed natively at the one or more of the set of source application servers, the one or more processors are configured to perform an action at the one or more of the set of source application servers that approximates an effect of the authorization action that is instructed by the target authorization system.
19 . A method, comprising:
monitoring a set of updates across a set of source application servers; packaging the set of updates into a synthetic message using source application information and an attribute associated with a target authorization system; sending the synthetic message to the target authorization system, wherein the target authorization system is configured to instruct an authorization action to be performed at one or more of the set of source application servers; and performing an implementation at the one or more of the set of source application servers based at least in part on the authorization action.
20 . The method of claim 19 , wherein packaging the set of updates into the synthetic message comprises combining the set of updates into a single synthetic message that conforms to a format or protocol that is recognized by the target authorization system.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.